Wednesday Apr 16, 2014

New Oracle Data Masking and Subsetting Blog

I wanted to call everyone's attention to the new Oracle Data Masking and Subsetting blog.

Dinesh has recently joined our database security product management team and he's begun blogging on our excellent data masking solution. 

More Information


Tuesday Apr 01, 2014

Forrester Report: Total Economic Impact of Oracle Data Masking

In June 2013, Oracle commissioned Forrester Consulting to examine the total economic impact and potential return on investment that enterprises may realize by implementing Oracle Data masking Pack, part of Oracle's portfolio of database securing solutions. 

Read the report here for more.

In summary: 

 ROI  Payback period  Total benefits (PV)  Total costs  Net present value (NPV)
 242%  5.4 months  $1,616,709  ($472,618)  $1,144,091

Thursday May 02, 2013

Demo of Oracle Data Masking Using Enterprise Manager 12c

Data masking, also known as data scrambling or data anonymization, is the process of obscuring sensitive information copied from a production database to a test or non-production database. Data masking is ideal for confidential or regulated data that needs to be shared with non-production users who require access to the original data, but not true data.

Watch this demo to see how the Oracle E-Business Suite Template for the Data Masking Pack, when applied with the Oracle Enterprise Manager 12c Cloud Control Data Masking tool, scrambles sensitive data in a copy of the production system.

Thursday Feb 14, 2013

Gartner Positions Oracle in Leaders Quadrant for Data Masking

Gartner, Inc. has named Oracle as a Leader in its first “Magic Quadrant for Data Masking Technology(1). Gartner’s Magic Quadrant reports position vendors within a particular quadrant based on their completeness of vision and ability to execute.

According to Gartner, “Adopting data masking helps enterprises raise the level of security and privacy assurance against abuses. At the same time, data masking helps enterprises meet compliance requirements with the security and privacy standards recommended by regulating/auditing authorities.”

Gartner continued, “…we expect a relatively high speed of technology maturity for data masking. By 2016, the static data masking [SDM] market will reach the Plateau of Productivity in Gartner's Hype Cycle, with approximately 50% of the target audience adopting it.”

“With more structured and unstructured data in enterprise databases, companies need simple and consistent tools to comply with data privacy regulations and mask sensitive data during application development, testing or data analysis,” said Vipin Samar, Vice President of Database Security Product Development, Oracle. “Oracle is the world’s #1 database provider, integrating best-in-class hardware and software to deliver extreme performance and ensure robust database security for our customers.”

Oracle Data Masking Pack is a component of Oracle Enterprise Manager and part of the Oracle Database Security defense-in-depth solution. Get the Gartner Magic Quadrant for Data Masking Technology here.

(1) Gartner, Inc., “Magic Quadrant for Data Masking Technology,” by Joseph Feiman, Carsten Casper, December 20, 2012

Wednesday Aug 29, 2012

Why Cornell University Chose Oracle Data Masking

One of the eight Ivy League schools, Cornell University found itself in the unfortunate position of having to inform over 45,000 University community members that their personal information had been breached when a laptop was stolen. To ensure this wouldn’t happen again, Cornell took steps to ensure that data used for non-production purposes is de-identified with Oracle Data Masking.

A recent podcast highlights why organizations like Cornell are choosing Oracle Data Masking to irreversibly de-identify production data for use in non-production environments. Organizations often copy production data, that contains sensitive information, into non-production environments so they can test applications and systems using “real world” information. Data in non-production has increasingly become a target of cyber criminals and can be lost or stolen due to weak security controls and unmonitored access. Similar to production environments, data breaches in non-production environments can cost millions of dollars to remediate and cause irreparable harm to reputation and brand.

Cornell’s applications and databases help carry out the administrative and academic mission of the university. They are running Oracle PeopleSoft Campus Solutions that include highly sensitive faculty, student, alumni, and prospective student data. This data is supported and accessed by a diverse set of developers and functional staff distributed across the university.

Several years ago, Cornell experienced a data breach when an employee’s laptop was stolen.  Centrally stored backup information indicated there was sensitive data on the laptop. With no way of knowing what the criminal intended, the university had to spend significant resources reviewing data, setting up service centers to handle constituent concerns, and provide free credit checks and identity theft protection services—all of which cost money and took time away from other projects.

To avoid this issue in the future Cornell came up with several options; one of which was to sanitize the testing and training environments.

“The project management team was brought in and they developed a project plan and implementation schedule; part of which was to evaluate competing products in the market-space and figure out which one would work best for us.  In the end we chose Oracle’s solution based on its architecture and its functionality.” – Tony Damiani, Database Administration and Business Intelligence, Cornell University

The key goals of the project were to mask the elements that were identifiable as sensitive in a consistent and efficient manner, but still support all the previous activities in the non-production environments. Tony concludes, 

“What we saw was a very minimal impact on performance. The masking process added an additional three hours to our refresh window, but it was well worth that time to secure the environment and remove the sensitive data. I think some other key points you can keep in mind here is that there was zero impact on the production environment. Oracle Data Masking works in non-production environments only. Additionally, the risk of exposure has been significantly reduced and the impact to business was minimal.”

With Oracle Data Masking organizations like Cornell can:

  • Make application data securely available in non-production environments
  • Prevent application developers and testers from seeing production data
  • Use an extensible template library and policies for data masking automation
  • Gain the benefits of referential integrity so that applications continue to work

Listen to the podcast to hear the complete interview. 

Learn more about Oracle Data Masking by registering to watch this SANS Institute Webcast and view this short demo.

Tuesday May 29, 2012

Data Masking for Oracle E-Business Suite

E-Business Suite customers can now use Oracle Data Masking to obscure sensitive information in non-production environments. Many organizations are inadvertently exposed when copying sensitive or regulated production data into non-production database environments for development, quality assurance or outsourcing purposes. Due to weak security controls and unmonitored access, these non-production environments have increasingly become the target of cyber criminals. Learn more about the announcement here.

Wednesday Jul 06, 2011

Oracle Data Masking: Irreversibly De-Identify Sensitive Data For Non-Production Use

Check out the new Oracle Data Masking Flash Overview.

Many organizations inadvertently breach information when they routinely copy sensitive or regulated production data into non-production environments. Data in non-production environments has increasingly become the target of cyber criminals and can be lost or stolen due to weak security controls and unmonitored access. Just like data breaches in production environments, data breaches in non-production environments can cost millions of dollars to remediate and cause irreparable harm to reputation and brand.

With Oracle Data Masking Pack, sensitive and valuable information such as credit card and social security numbers can be replaced with realistic values. This allows production data to be safely used for development, testing, and sharing with out-source or off-shore partners, or other non-production purposes.


Who are we?

Follow us on

  • TwitterFacebookLinkedIn


« July 2016